ShadowTalk host Chris alongside guests Rick and Danny give you the latest in threat intelligence. This week they cover: -Russian and Ukraine Roundup-Lazarus Group Cryptocurrency Activity-Apple’s Right to Repair Get this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-9-dec***Resources from this week’s podcast***Vulnerability Intelligence Roundup: Five lessons learned since Log4Shellhttps://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-roundup-five-lessons-learned-since-log4shell/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside guests Rick, Ivan and Dean give you the latest in threat intelligence. This week they cover: -Sandworm deploying ransomware targeting Ukraine -Oracle RCE vulnerability actively exploited-300th Episode & Look forward***Resources from this week’s podcast***Vulnerability Intelligence Roundup: Five lessons learned since Log4Shellhttps://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-roundup-five-lessons-learned-since-log4shell/ Vice Society CISA advisoryhttps://www.cisa.gov/uscert/ncas/alerts/aa22-249a Five ways security leaders can prepare for economic uncertainty by Rick https://www.scmagazine.com/perspective/strategy/five-ways-security-leaders-can-prepare-for-economic-uncertainty SANS CTI Summithttps://www.sans.org/cyber-security-training-events/cyber-threat-intelligence-summit-2023/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside guests Dani and Kim give you the latest in threat intelligence. This week they cover: -LockBit Arrest-Big Tech Layoffs-Black Friday Vulnerability Risks***Resources from this week’s podcast***Black Friday Webinarhttps://www.reliaquest.com/resource/webinar/soc-talk-keeping-black-friday-cyber-threats-at-bay/?utm_source=Digital+Shadows&utm_medium=On-Demand+Webinar Keeping One Step Ahead of Black Friday Cyber Threats https://www.digitalshadows.com/blog-and-research/keeping-one-step-ahead-of-black-friday-cyber-threats/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside guests Ivan, Rick and Andrew give you the latest in threat intelligence. This week they cover: -APT29 Windows Credential Roaming-Russian Hacktivists Targeting Ukraine with New Somnia Ransomware-LockBit Using Amadey Bot Malware, LockBit Affiliate ArrestedGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-18-nov ***Resources from this week’s podcast***Cyber Threats to the FIFA World Cup Qatar 2022https://www.digitalshadows.com/blog-and-research/cyber-threats-to-the-fifa-world-cup-qatar-2022/ Keeping One Step Ahead of Black Friday Cyber Threats https://www.digitalshadows.com/blog-and-research/keeping-one-step-ahead-of-black-friday-cyber-threats/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside guests Kim gives you the latest in threat intelligence. This week they cover: -British Government Scanning UK Devices-Twitter's Verification Process-Latest Emotet ReturnGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-11-nov ***Resources from this week’s podcast***Cyber Threats to the FIFA World Cup Qatar 2022https://www.digitalshadows.com/blog-and-research/cyber-threats-to-the-fifa-world-cup-qatar-2022/ Dark Web Recruitment: Malware, Phishing and Cardinghttps://www.digitalshadows.com/blog-and-research/dark-web-recruitment-malware-phishing-and-carding/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside guests Ivan give you the latest in threat intelligence. This week they cover: -APT10 leveraging antivirus to deploy LODEINFO malware-New Azov data wiper attempting to frame security researchers-New Emotet malicious spam campaignGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-04-nov***Resources from this week’s podcast***Q3 2022 Vulnerability Rounduphttps://www.digitalshadows.com/blog-and-research/q3-2022-vulnerability-roundup/ 2023 Cyber Threat Predictions https://www.digitalshadows.com/blog-and-research/2023-cyber-threat-predictions/ Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

Weekly: Ukraine Activity Roundup, Vice Society Targeting Schools, Iranian HacktivismShadowTalk host Chris alongside guests Stefano give you the latest in threat intelligence. This week they cover: -Ukraine Activity Roundup-Vice Society Targeting Schools-Iranian HacktivismGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-28-oct***Resources from this week’s podcast***Q3 2022 Vulnerability Rounduphttps://www.digitalshadows.com/blog-and-research/q3-2022-vulnerability-roundup/ Have your Forgotten About Phishing?Ransomware in Q3 2022https://www.digitalshadows.com/blog-and-research/cybersecurity-awareness-month-2022-have-you-forgotten-about-phishing/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside guests Rick and Ivan give you the latest in threat intelligence. This week they cover: REvil connection to Ransom CartelCryptocurrency hacks in Japan by LazarusToyota T-Connect AttackResources:https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-21-octoberhttps://www.digitalshadows.com/blog-and-research/ransomware-in-q3-2022/https://www.digitalshadows.com/blog-and-research/alternative-future-analysis-pro-russian-hacktivism/https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/special-geoff-white-and-the-lazarus-heist

ShadowTalk host Chris alongside guests Kim give you the latest in threat intelligence. This week they cover: -Recent DDoS attacks on US Airports -Fortinet Vulnerability-A Deep Dive Into Information StealersGet this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-14-oct

ShadowTalk host and Digital Shadows CISO Rick Holland alongside Michael Farnum Chief Technology Officer at Set Solutions and Greg Porterfield, Senior Security Consultant at Set Solutions give you the latest in threat intelligence. This episode they cover: -How Defenders Should Respond to The Uber Breach-2023 planning For more information about Set Solutions, check out their podcast:https://www.setsolutions.com/category/podcast/Also, make sure you’ve looked at the details and have registered for Hou.Sec.Con 2022:https://web.cvent.com/event/0ac8a54d-fbe9-4a16-8510-49dcf538389f/summary

ShadowTalk host Nicole alongside guests Stefano and Ivan give you the latest in threat intelligence. This week they cover: -Potential first use of LockBit Builder leak-Ransomware Groups Destroying vs. Encrypting Data-Increase in Domain ShadowingLockBit Builder leakGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/20220930-dsweeklyintsum ***Resources from this week’s podcast***Who’s Next In Lapsus$’ Crosshairs?https://www.digitalshadows.com/blog-and-research/whos-next-in-lapsus-crosshairs/ Dark Web Recruitment: How Ransomware Groups Hire Cybercriminal Talenthttps://www.digitalshadows.com/blog-and-research/dark-web-recruitment-how-ransomware-groups-hire-cybercriminal-talent/ Guide to Domain Shadowing Detectionhttps://ieeexplore.ieee.org/document/9148945

ShadowTalk host Nicole alongside Stefano give you the latest in threat intelligence. This week they cover:-LockBit Builder leak,-Lapsus$ breaches Rockstar Games and Uber,-Emotet pushes Quantum and Alphv ransomwareGet this week’s intelligence summary at: resources.digitalshadows.com/weekly-int…ry-23-sept

ShadowTalk host Chris alongside Danny give you the latest in threat intelligence. This week they cover: -Intermittent Encryption Tactics,-Geopolitical Developments in Cyber CrimeGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-16-sept***Resources from this week’s podcast***There’s No Honor Among Thieves: Carding Forum Staff Defraud Users In An ESCROW Scamhttps://www.digitalshadows.com/blog-and-research/theres-no-honor-among-thieves-carding-forum-staff-defraud-users-in-an-escrow-scam/Ransomware Franchising: How Do Groups Get Startedhttps://www.digitalshadows.com/blog-and-research/ransomware-franchising-how-do-groups-get-started/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Nicole alongside Ivan and Chris give you the latest in threat intelligence. This week they cover: -Increase in hacktivism since the Russian invasion of Ukraine -Threat Actors Targeting the Education Sector-New NTF Trends in Cyber Attacks Get this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-09-sept***Resources from this week’s podcast***APT Spotlight Series: APT41https://www.digitalshadows.com/blog-and-research/apt-spotlight-series-apt41/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Kim and Digital Shadows CISO Rick you the latest in threat intelligence. This week they cover: Details of the August attack on LastPassCoordinated and Precise Infrastructure Attacks in MontenegroGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-02-sept***Resources from this week’s podcast***“Looking For Pentesters”: How Forum Life Has Conformed To The Ransomware Banhttps://www.digitalshadows.com/blog-and-research/looking-for-pentesters-how-forum-life-has-conformed-to-the-ransomware-ban/“I’m Tired Of Living In Poverty” – Russian-Speaking Cyber Criminals Feeling The Economic Pinchhttps://www.digitalshadows.com/blog-and-research/im-tired-of-living-in-poverty-russian-speaking-cyber-criminals-feeling-the-economic-pinch/

ShadowTalk host Chris alongside Kim and Ivan bring you the latest in threat intelligence. This week they cover: - Lloyd’s of London Ltd. confirms policies state what they will and won’t cover- The LockBit sites have been shut down due to a DDoS attack- Charming Kitten uses a new tool to gather targeted email accountsGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-26-aug***Resources from this week’s podcast***Vulnerability Intelligence RoundUp: Cloudy With A Chance Of Zero Dayshttps://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-roundup-cloudy-with-a-chance-of-zero-days/What We’re Reading This Month: August 2022https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-august-2022/

ShadowTalk host Nicole alongside CISO Rick Holland bring you the latest in threat intelligence. This week they cover: - BlackHat and Defcon recap- Microsoft’s Patch Tuesday- North Korea fake Coinbase jobsGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-19-aug***Resources from this week’s podcast***Stop The Line: Cyber Threats Facing Manufacturinghttps://www.digitalshadows.com/blog-and-research/stop-the-line-cyber-threats-facing-manufacturing/Honker Union: Has The Grandfather Of Chinese Hacktivism Returned?https://www.digitalshadows.com/blog-and-research/honker-union-has-the-grandfather-of-chinese-hacktivism-returned/

ShadowTalk host Chris alongside Stefano bring you the latest in threat intelligence. This week they cover: - History of ransomware- Details of the deBridge hack- Thoughts and recommendations for organizations targeted multiple timesGet this week’s intelligence summary at: ***Resources from this week’s podcast***Tensions Between The PRC And Taiwan: What’s Happening?https://www.digitalshadows.com/blog-and-research/tensions-between-the-prc-and-taiwan-whats-happening/Meet DUMPS Forum: A Pro-Ukraine, Anti-Russia Cybercriminal Forumhttps://www.digitalshadows.com/blog-and-research/meet-dumps-forum-a-pro-ukraine-anti-russia-cybercriminal-forum/

ShadowTalk host Stefano alongside Chris bring you the latest in threat intelligence. This week they cover: - 911 proxy service ends protection for cybercriminals- ALPHV (aka BlackCat) ransomware claims attack on European gas pipeline- Cyber threat implications from recent news in Taiwan & China Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-05-aug***Resources from this week’s podcast***The Boy Who Cried Ransomware: The Trustworthiness Of Ransomware Groupshttps://www.digitalshadows.com/blog-and-research/the-boy-who-cried-ransomware-the-trustworthiness-of-ransomware-groups/ReliaQuest And Digital Shadows – The Next Stage Of The Journeyhttps://www.digitalshadows.com/blog-and-research/reliaquest-and-digital-shadows-the-next-stage-of-the-journey/

ShadowTalk host Nicole alongside Ivan and CISO Rick Holland bring you the latest in threat intelligence. This week they cover: - Entrust suffered a ransomware attack- Ex-Coinbase manager charged in first crypto insider-trading case- Redeemer ransomware builderGet this week’s intelligence summary at: ***Resources from this week’s podcast***Holy Ghost’s Bargain Basement Approach To Ransomwarehttps://www.digitalshadows.com/blog-and-research/holy-ghosts-bargain-basement-approach-to-ransomware/July edition of What we are reading this monthhttps://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-july-2022/How To Paint Your Best Cyber Threat Landscape: My Three Top Tips From ENISA’s Methodology Reporthttps://www.digitalshadows.com/blog-and-research/how-to-paint-your-best-cyber-threat-landscape-my-three-top-tips-from-enisas-methodology-report/

ShadowTalk host Stefano alongside Chris and Dani bring you the latest in threat intelligence. This week they cover:* HolyGhost6 ransomware operation linked with North Korea* Explanation on how malware is created and distributed* Russia fines Google for failing to delete YouTube videos ***Resources from this week’s podcast***Q2 2022 Vulnerability Rounduphttps://www.digitalshadows.com/blog-and-research/q2-2022-vulnerability-roundup/Breach Forums – When Student Becomes The Teacherhttps://www.digitalshadows.com/blog-and-research/breach-forums-when-student-becomes-the-teacher/How To Paint Your Best Cyber Threat Landscape: My Three Top Tips From ENISA’s Methodology Reporthttps://www.digitalshadows.com/blog-and-research/how-to-paint-your-best-cyber-threat-landscape-my-three-top-tips-from-enisas-methodology-report/Microsoft links Holy Ghost ransomware operation to North Korean hackershttps://www.bleepingcomputer.com/news/security/microsoft-links-holy-ghost-ransomware-operation-to-north-korean-hackers/Russia fines Google $358 million for not removing banned infohttps://www.bleepingcomputer.com/news/security/russia-fines-google-358-million-for-not-removing-banned-info/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Nicole, Ivan, and Rick bring you the latest in threat intelligence. This week they cover:* Microsoft Patch Tuesday* Chinese cyber espionage groups target Russia* Hive ransomware group takes LockBit information to upgrade to Rust* IBM Security X-Force finds evidence on TrickBot attacking Ukraine***Resources from this week’s podcast***Ransomware in Q2 2022: Ransomware is Back in Businesshttps://www.digitalshadows.com/blog-and-research/ransomware-in-q2-2022-ransomware-is-back-in-business/Offensive Nation-State Cyber Threats: Who Takes The Top Spot?https://www.digitalshadows.com/blog-and-research/offensive-nation-state-cyber-threats-who-takes-the-top-spot/Chinese Cyber Espionage Groups Increasingly Targeting Russiahttps://www.infosecurity-magazine.com/news/chinese-cyber-espionage-russia/Hive Ransomware Upgrades to Rust for More Sophisticated Encryption Methodhttps://thehackernews.com/2022/07/hive-ransomware-upgrades-to-rust-for.htmlUnprecedented Shift: The Trickbot Group is Systematically Attacking Ukrainehttps://securityintelligence.com/posts/trickbot-group-systematically-attacking-ukraine/Conti ransomware gang takes over TrickBot malware operationhttps://www.bleepingcomputer.com/news/security/conti-ransomware-gang-takes-over-trickbot-malware-operation/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Dani bring you the latest in threat intelligence. This week they cover:* Roughly 1 billion Chinese citizens' data breached* British Army's Youtube and Twitter accounts hacked and used to promote cryptocurrency scams* HackerOne employee steals bug reports to sell ***Resources from this week’s podcast***What We’re Reading This Month: June 2022https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-june-2022/Hacker claims to have stolen 1 bln records of Chinese citizens from policehttps://www.reuters.com/world/china/hacker-claims-have-stolen-1-bln-records-chinese-citizens-police-2022-07-04/British Army’s YouTube and Twitter accounts were hacked to promote crypto scamshttps://www.theverge.com/2022/7/3/23193668/british-army-youtube-twitter-accounts-hacked-promote-crypto-scam-fraudRogue HackerOne employee steals bug reports to sell on the sidehttps://www.bleepingcomputer.com/news/security/rogue-hackerone-employee-steals-bug-reports-to-sell-on-the-side/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Stefano and Kim bring you the latest in threat intelligence. This week they cover:* Recent advances in cyber threat intelligence and end-point protection have helped Ukraine* Conti finally shuts down data leak and negotiates with victims* LockBit debuts ransomware bug bounty program***Resources from this week’s podcast***Market Differentiation: Cybercriminal Forums’ Unusual Features Designed To Attract Usershttps://www.digitalshadows.com/blog-and-research/market-differentiation-cybercriminal-forums-unusual-features-designed-to-attract-users/NATO Leaders Are Meeting At The Madrid Summit 2022: What Is Going To Happen?https://www.digitalshadows.com/blog-and-research/nato-leaders-are-meeting-at-the-madrid-summit-2022-what-is-going-to-happen/Defending Ukraine: Early Lessons from the Cyber Warhttps://blogs.microsoft.com/on-the-issues/2022/06/22/defending-ukraine-early-lessons-from-the-cyber-war/Conti ransomware finally shuts down data leak, negotiation siteshttps://www.bleepingcomputer.com/news/security/conti-ransomware-finally-shuts-down-data-leak-negotiation-sites/LockBit 3.0 Debuts With Ransomware Bug Bounty Programhttps://www.darkreading.com/threat-intelligence/lockbit-3-debut-bug-bounty-programSubscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Stefano and Kim bring you the latest in threat intelligence. This week they cover:* AlphV breaching victims' data in open source* 'BidenCash' website sells your credit card information for only 15 cents* Account Takeover paper***Resources from this week’s podcast***POLONIUM: Proxy Warfare And Iran’s Cyber Strategyhttps://www.digitalshadows.com/blog-and-research/polonium-proxy-warfare-and-irans-cyber-strategy/Vulnerability Intelligence Roundup: Leveraging The OODA Loop For Vulnerability Managementhttps://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-roundup-leveraging-the-ooda-loop-for-vulnerability-management/Credential Stuffing: What Is It, Are You At Risk?https://www.digitalshadows.com/blog-and-research/credential-stuffing-what-is-it-are-you-at-risk/ALPHV/BlackCat ransomware gang starts publishing victims’ data on the clear webhttps://securityaffairs.co/wordpress/132339/malware/blackcat-ransomware-clear-web.htmlNew 'BidenCash' site sells your stolen credit card for just 15 centshttps://www.bleepingcomputer.com/news/security/new-bidencash-site-sells-your-stolen-credit-card-for-just-15-cents/The Anatomy of a Cyberattackhttps://www.wsj.com/articles/anatomy-cyberattack-11654543046Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Ivan, Nicole, and Rick bring you the latest in threat intelligence. This week they cover:* Cybersecurity researchers disclosed a new Windows zero-day vulnerability* Conti shuts down affiliate program* Cybercriminals discuss LockBit vs Mandiant***Resources from this week’s podcast***Weak Credentials Are Fueling A New Generation Of Cyber Threatshttps://www.digitalshadows.com/blog-and-research/weak-credentials-are-fueling-a-new-generation-of-cyber-threats/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Xue, and Kim bring you the latest in threat intelligence. This week they cover:- LockBit x Mandiant PR stunt- Bohrium targets victims in various geographiesGet this week’s intelligence summary at:https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10-jun/***Resources from this week’s podcast*** Killnet: The Hactivist Group That Started A Global Cyber War:https://www.digitalshadows.com/blog-and-research/killnet-the-hactivist-group-that-started-a-global-cyber-war/-Ransomware Gangs and PR Stunts: Why LockBit Faked a Ransomware Attack Against Mandianthttps://www.digitalshadows.com/blog-and-research/ransomware-gangs-and-pr-stunts-why-lockbit-faked-a-ransomware-attack-against-mandiant/

ShadowTalk host Chris alongside Nicole and special guest Geoff White cover the cybercrime group Lazarus and their impact in cyber security.In this special episode, they discuss:* Geoff's new book 'The Lazarus Heist'* An overview of the Lazarus Group* How North Korea created one of the most sophisticated cyber crime groups in the world**Resources from this special podcast**Find Geoff on Twitter: https://twitter.com/geoffwhite247Find Geoff on LinkedIn: https://www.linkedin.com/in/geoffwhite247/Pre-order Geoff's book 'The Lazarus Heist' now:https://www.penguin.co.uk/books/447/447163/the-lazarus-heist/9780241554258.htmlSubscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

Digital Shadows CISO Rick Holland hosts this edition of ShadowTalk. Rick is joined by repeat special guest David Thejl-Clayton, Senior Advisor in Cyber Defense at Combitech. They discuss:- Rick and David's thoughts on the 2022 DBIR report (Full disclosure, they are fanboys) - Research that shows how APT groups primarily go after known vulnerabilities and not 0days- David's experience helping customers create their custom version of the DBIR***Resources from this week’s podcast***Find David on Twitter: https://twitter.com/DCSecuritydkFind David on LinkedIn: https://www.linkedin.com/in/davidclayton454/2022 Data Breach Investigations Report: https://www.verizon.com/business/resources/reports/dbir/Vocabulary for Event Recording and Information Sharing (VERIS): http://veriscommunity.net/SANS CTI Summit - VERISIZE your way into CTI: https://www.youtube.com/watch?v=AwMC6INC5TESoftware Updates Strategies: a Quantitative Evaluation against Advanced Persistent Threats https://arxiv.org/abs/2205.07759VSec Community: https://vsec.dk/about/Checkout the “Roll your own DBIR” Templates on GitHub here: https://github.com/cvpl-fdca/rollyourown-DBIR

ShadowTalk host Chris alongside Ivan, and Nicole bring you the latest in threat intelligence. This week they cover: - Insider Threat Actor at Chinese real estate brokerage is sentenced to 7 years in prison- Microsoft Patch Tuesday mishap- NFT scamsGet this week’s intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-20-may-2022***Resources from this week’s podcast***: Vulnerability Intelligence Round-Up: The Good, The Bad and The Risky:https://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-round-up-the-good-the-bad-and-the-risky/ Mustang Panda: https://www.digitalshadows.com/blog-and-research/advanced-persistent-threat-group-feature-mustang-panda/ What we’re reading this month: https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-may-2022/ Angry IT Admin Wipes Employers Databases Gets 7 Years in Prisonhttps://www.bleepingcomputer.com/news/security/angry-it-admin-wipes-employer-s-databases-gets-7-years-in-prison/Microsoft May Patch Tuesday Updates Cause Windows Ad Authentication Errorshttps://threatpost.com/microsofts-may-patch-tuesday-updates-cause-windows-ad-authentication-errors/179631/Fake Binance NFT Mystery Box Bots Steal Victims Crypto Walletshttps://www.bleepingcomputer.com/news/security/fake-binance-nft-mystery-box-bots-steal-victims-crypto-wallets/

ShadowTalk host Stefano alongside Kim bring you the latest in threat intelligence. This week they cover:* Costa Rica declares state of emergency because of Conti* The European Council formally attributes VIASAT attack to Russia* Five years since the WannaCry incident***Resources from this week’s podcast***Five Years After The WannaCry Dumpster Fire, Ransomware Remains A Global Threathttps://www.digitalshadows.com/blog-and-research/five-years-after-the-wannacry-dumpster-fire-ransomware-remains-a-global-threat/US offers $15 million reward for info on Conti ransomware ganghttps://www.bleepingcomputer.com/news/security/us-offers-15-million-reward-for-info-on-conti-ransomware-gang/Viasat shares details on KA-SAT satellite service cyberattackhttps://www.bleepingcomputer.com/news/security/viasat-shares-details-on-ka-sat-satellite-service-cyberattack/Satellite outage knocks out thousands of Enercon's wind turbineshttps://www.reuters.com/business/energy/satellite-outage-knocks-out-control-enercon-wind-turbines-2022-02-28/Viasat confirms satellite modems were wiped with AcidRain malwarehttps://www.bleepingcomputer.com/news/security/viasat-confirms-satellite-modems-were-wiped-with-acidrain-malware/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Ivan and Nicole bring you the latest in threat intelligence. This week they cover:* REvil ransomware returns with new malware* Moshen Dragon targeting telecommunication service providers in Central Asia* Russian hackers utilize embassy emails to target governments***Resources from this week’s podcast***ALPHV: THE FIRST RUST-BASED RANSOMWAREhttps://www.digitalshadows.com/blog-and-research/alphv-the-first-rust-based-ransomware/Colonial Pipeline One Year Later: What’s Changed?https://www.digitalshadows.com/blog-and-research/colonial-pipeline-one-year-later-whats-changed/REvil ransomware returns: New malware sample confirms gang is backhttps://www.bleepingcomputer.com/news/security/revil-ransomware-returns-new-malware-sample-confirms-gang-is-back/Chinese cyber-espionage group Moshen Dragon targets Asian telcoshttps://www.bleepingcomputer.com/news/security/chinese-cyber-espionage-group-moshen-dragon-targets-asian-telcos/Russian hackers compromise embassy emails to target governmentshttps://www.bleepingcomputer.com/news/security/russian-hackers-compromise-embassy-emails-to-target-governments/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Xue, Kim, & Rory bring you the latest in threat intelligence. This week they cover:* Cybercrime group Lapsus$ is back* Cyber activity in the Russia-Ukraine war so far***Resources from this week’s podcast***The Russia – Ukraine War: Two Months Inhttps://www.digitalshadows.com/blog-and-research/the-russia-ukraine-war-two-months-in/Opportunity In The Midst Of Chaos: Russian-Speaking Cybercriminals Grapple With Sanctions And Forum Takedownshttps://www.digitalshadows.com/blog-and-research/russian-speaking-cybercriminals-grapple-with-sanctions-and-forum-takedowns/Leaked Chats Show LAPSUS$ Stole T-Mobile Source Codehttps://krebsonsecurity.com/2022/04/leaked-chats-show-lapsus-stole-t-mobile-source-code/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Ivan, Rick, and Nicole bring you the latest in threat intelligence. This week they cover:* Security researchers find connection between Conti and Karakurt* Chernovite’s Pipedream malware targets ICS networks* Lazarus hacking group is targeting organizations in the cryptocurrency and blockchain industries***Resources from this week’s podcast***The Power Of Data Analysis In Threat Intelligence – Part 2: Machine Learninghttps://www.digitalshadows.com/blog-and-research/the-power-of-data-analysis-in-threat-intelligence-part-2-machine-learning//What We’re Reading This Month: April 2022https://www.digitalshadows.com/blog-and-research/what-were-reading-this-month-april-2022/The Role Of Non-Fungible Tokens (NFTs) In Facilitating Cybercrimehttps://www.digitalshadows.com/blog-and-research/the-role-of-non-fungible-tokens-in-facilitating-cybercrime/Karakurt revealed as data extortion arm of Conti cybercrime syndicatehttps://www.bleepingcomputer.com/news/security/karakurt-revealed-as-data-extortion-arm-of-conti-cybercrime-syndicate/Dragos estimates that Chernovite’s Pipedream malware targets ICS networkshttps://industrialcyber.co/threats-attacks/dragos-estimates-that-chernovites-pipedream-malware-targets-ics-networks/US warns of Lazarus hackers using malicious cryptocurrency appshttps://www.bleepingcomputer.com/news/security/us-warns-of-lazarus-hackers-using-malicious-cryptocurrency-apps/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Rory bring you the latest in threat intelligence. This week they cover:* 'RaidForums' has been shut down and seized* SandWorm targets electrical substations in Ukraine* The resurgence of hacktivism in the Russia-Ukraine conflict***Resources from this week’s podcast***Q1 2022 Vulnerability Rounduphttps://www.digitalshadows.com/blog-and-research/q1-2022-vulnerability-roundup/Q1 2022 Ransomware Rounduphttps://www.digitalshadows.com/blog-and-research/q1-2022-ransomware-roundup/One of the world’s biggest hacker forums taken downhttps://www.europol.europa.eu/media-press/newsroom/news/one-of-world%E2%80%99s-biggest-hacker-forums-taken-downSubscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Ivan and Austin bring you the latest in threat intelligence. This week they cover:* Spring4Shell: The Internet security disaster that wasn’t* New Borat remote access malware is no laughing matter* FIN7 hackers evolve toolset, work with multiple ransomware gangs***Resources from this week’s podcast***Intelligence Collection Plans: Preparation Breeds Successhttps://www.digitalshadows.com/blog-and-research/intelligence-collection-plans-preparation-breeds-success/Team A Vs Team B: What Is Motivating Lapsus$?https://www.digitalshadows.com/blog-and-research/team-a-vs-team-b-what-is-motivating-lapsus/Five Things We Learned From The Conti Chat Logshttps://www.digitalshadows.com/blog-and-research/five-things-we-learned-from-the-conti-chat-logs/Explaining Spring4Shell: The Internet security disaster that wasn’thttps://arstechnica.com/information-technology/2022/04/explaining-spring4shell-the-internet-security-disaster-that-wasnt/New Borat remote access malware is no laughing matterhttps://www.bleepingcomputer.com/news/security/new-borat-remote-access-malware-is-no-laughing-matter/FIN7 hackers evolve toolset, work with multiple ransomware gangshttps://www.bleepingcomputer.com/news/security/fin7-hackers-evolve-toolset-work-with-multiple-ransomware-gangs/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Stefano alongside Chris and Rick bring you the latest on structured analytical techniques. This episode they cover: *Why they use SATs in their intel team*How they came up with the idea to analyze Lapsus$*How they chose Team A/Team B and how they prepared it*How the exercise performed*Future research direction***Resources from this special podcast***Meet Lapsus$: An Unusual Group In The Cyber Extortion Business https://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/The Okta Breach: What We Know So Farhttps://www.digitalshadows.com/blog-and-research/the-okta-breach-what-we-know-so-far/A Tradecraft Primer: Structured Analytic Techniques for Improving Intelligence Analysis https://www.stat.berkeley.edu/~aldous/157/Papers/Tradecraft%20Primer-apr09.pdfSubscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

Bem-vindo ao Shadow Talk em Português! Neste episódio, Ivan, Matheus, e Daniel falam sobre:- A história do grupo Lapsus$ e como eles são diferentes- Conexões do Lapsus$ no Brasil- Reações de outros hackers sobre este grupo- Recomendações de como se proteger do Lapsus$***Recursos deste podcast***Meet Lapsus$: An Unusual Group In The Cyber Extortion Businesshttps://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/Weekly Intelligence Summary 25th Marhttps://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-25th-marAssine nosso e-mail de inteligência de ameaças:https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html

ShadowTalk host Stefano alongside Kim, Xue, and Rick bring you the latest in threat intelligence. This week they cover a recap of a highly dynamic quarter including:* Log4j complex mitigation and remediation* REvil arrests* Cybercrime and Russia-Ukraine War* Extortion and the emergence of Lapsus$***Resources from this week’s podcast***Log4j: What’s Happened Sincehttps://www.digitalshadows.com/blog-and-research/log4j-whats-happened-since/The Log4j Zero-Day: What We Know So Farhttps://www.digitalshadows.com/blog-and-research/the-log4j-zero-day-what-we-know-so-far/Meet Lapsus$: An Unusual Group In The Cyber Extortion Businesshttps://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/How Cybercriminals Are Using Messaging Platformshttps://www.digitalshadows.com/blog-and-research/how-cybercriminals-are-using-messaging-platforms/Ransomware Q4 Overviewhttps://www.digitalshadows.com/blog-and-research/ransomware-q4-overview/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

Bienvenido a ShadowTalk en Español! En este episodio, Stefano y Dani van a discutir:* Lapsus$: Un grupo inusual en el negocio de la extorsión cibernética* Cómo Lapsus$ conducen sus ataques* Ataques de alto perfil y la brecha de Okta*** Si hoy has escuchado algo que te resulte curioso, no olvides consultar el contenido disponible en la sección de archivos adjuntos más abajo ***Los blogs de Digital Shadows en Lapsus$:Meet Lapsus$: An Unusual Group In The Cyber Extortion Businesshttps://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/The Okta Breach: What We Know So Farhttps://www.digitalshadows.com/blog-and-research/the-okta-breach-what-we-know-so-far/Come siempre, si teneis algún comentario sobre este episodio o si queréis saber mas de algún tema, escribenos a [email protected] y estaremos muy felices para tomar sus preguntas!

ShadowTalk host Chris alongside Kim, Ivan, and Rick bring you the latest in threat intelligence. This week they cover:* Lapsus$ threat group targets several large companies* Russia/Ukraine war shows no sign of slowing down* TransUnion unveils enhanced data breach***Resources from this week’s podcast***Vulnerability Intelligence Round-Up: Russia-Ukraine Warhttps://www.digitalshadows.com/blog-and-research/vulnerability-intelligence-round-up-russia-ukraine-war/The Okta Breach: What We Know So Farhttps://www.digitalshadows.com/blog-and-research/the-okta-breach-what-we-know-so-far/Russia’s Second Front: The War On Informationhttps://www.digitalshadows.com/blog-and-research/russias-second-front-the-war-on-information/Okta hack puts thousands of businesses on high alerthttps://www.theverge.com/2022/3/22/22990637/okta-breach-single-sign-on-lapsus-hacker-group?utm_campaign=theverge&utm_content=chorus&utm_medium=social&utm_source=twitterStatement by President Biden on our Nation’s Cybersecurityhttps://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/statement-by-president-biden-on-our-nations-cybersecurity/TransUnion Unveils Enhanced Data Breach Support Service in the UKhttps://newsroom.transunion.co.uk/transunion-unveils-enhanced-data-breach-support-service-in-the-uk/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Austin, Stefano, and Rick bring you the latest on the war between Russia and Ukraine. This episode they cover:* Putin and the Russian military forces * The cybersecurity realm in the midst of war* Continuation and timeline of the ongoing conflict ***Resources from this special podcast***Statement by President Biden on Our Nation's Cybersecurityhttps://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/statement-by-president-biden-on-our-nations-cybersecurity/News and Updates Related to the Russian Invasion of Ukrainehttps://resources.digitalshadows.com/russian-news-and-updatesDonate to the Ukraine crisis via Red Crosshttps://donate.redcross.org.uk/appeal/ukraine-crisis-appealDigital Forensic Research Labmedium.com/dfrlab

ShadowTalk host Stefano alongside Kim and Dani bring you the latest in threat intelligence. This week they cover:* New Malware against Ukrainian targets: CaddyWiper* Crypto ATM and cybercriminals' reactions* Russia to start using homegrown TLS certificates***Resources from this week’s podcast***Meet Lapsus$: An Unusual Group In The Cyber Extortion Businesshttps://www.digitalshadows.com/blog-and-research/meet-lapsus-an-unusual-group-in-the-cyber-extortion-business/The Russia-Ukraine War And The Revival Of Hacktivismhttps://www.digitalshadows.com/blog-and-research/the-russia-ukraine-war-and-the-revival-of-hacktivism/Biden’s Executive Order On Crypto: What You Need To Knowhttps://www.digitalshadows.com/blog-and-research/bidens-executive-order-on-crypto-what-you-need-to-know/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.htmlAlso, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Ivan and Austin bring you the latest in threat intelligence. This week they cover:* New Linux Vulnerability "Dirty Pipe"* Ransomware Landscape in 2022 So Far* Coinbase Blocks More than 25,000 Addresses Linked to Russia***Resources from this week’s podcast***Exploring SIM Swapping Services On Cybercriminal Forumshttps://www.digitalshadows.com/blog-and-research/exploring-sim-swapping-services-on-cybercriminal-forums/Can Cryptocurrency Be Used To Bypass The Impact Of Sanctions Being Applied Against Russia?https://www.digitalshadows.com/blog-and-research/can-cryptocurrency-be-used-to-bypass-the-impact-of-sanctions-being-applied-against-russia/New Linux bug gives root on all major distros, exploit releasedhttps://www.bleepingcomputer.com/news/security/new-linux-bug-gives-root-on-all-major-distros-exploit-released/FBI: Ragnar Locker ransomware breached 52 US critical infrastructure orgshttps://www.itpro.co.uk/security/ransomware/365375/fbi-ragnar-locker-ransomware-us-critical-infrastructureCoinbase blocks over 25,000 Russian-linked crypto addresseshttps://www.bleepingcomputer.com/news/security/coinbase-blocks-over-25-000-russian-linked-crypto-addresses/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Stefano and Rory bring you the latest on the escalating tension between Russia and Ukraine. This episode they cover:* IDNS rejects Ukraine's request to block Russian Internet content* Anonymous claimed to have hacked Russian channels to broadcast footage from Ukraine***Resources from this special podcast***News and Updates Related to the Russian Invasion of Ukrainehttps://resources.digitalshadows.com/russian-news-and-updatesDonate to the Ukraine crisis via Red Crosshttps://donate.redcross.org.uk/appeal/ukraine-crisis-appealDigital Forensic Research Labmedium.com/dfrlab

Bienvenido a ShadowTalk en Español! En este episodio, Stefano y Dani van a discutir:* Rusia y Ucrania crisis* Las reacciones de los cibercriminales a estos eventos* La Sociedad para las Comunicaciones Interbancarias y Financieras Mundiales (SWIFT)* Consejos de mitigación y reducción del riesgoCome siempre, si teneis algún comentario sobre este episodio o si queréis saber mas de algún tema, escribenos a [email protected] y estaremos muy felices para tomar sus preguntas!

ShadowTalk host Stefano alongside Kim and Xue bring you the latest in threat intelligence. This week they cover:* Conti Leaks* Reactions from Cybercriminals* Priority Intelligence Requirements***Resources from this week’s podcast***Russian Cyber Threats: Practical Advice For Security Leadershttps://www.digitalshadows.com/blog-and-research/russian-cyber-threats-practical-advice-for-security-leaders/Cybercriminals React To Ukraine-Russia Conflicthttps://www.digitalshadows.com/blog-and-research/cybercriminals-react-to-ukraine-russia-conflict/Intelligence Requirements: Planning Your Cyber Response To The Russia-Ukraine Warhttps://www.digitalshadows.com/blog-and-research/planning-your-cyber-response-to-the-russia-ukraine-war/ Conti Ransomware Group Diaries, Part I: Evasionhttps://krebsonsecurity.com/2022/03/conti-ransomware-group-diaries-part-i-evasion/Subscribe to our threat intelligence email: https://info.digitalshadows.com/SubscribetoEmail-Podcast_Reg.html Also, don’t forget to reach out to - [email protected] - if you have any questions, comments, or suggestions for the next episodes.

ShadowTalk host Chris alongside Stefano, Rory, and Rick bring you the latest on the escalating tension between Russia and Ukraine. This episode they cover:* Recent cyber developments* Malware targeting Ukrainian organizations* New sanctions against Russia***Resources from this special podcast***Donate to the Ukraine crisis via Red Crosshttps://donate.redcross.org.uk/appeal/ukraine-crisis-appealDigital Forensic Research Labmedium.com/dfrlabPhoton BriefingSHAPING YOUR RESPONSE TO THE RUSSIA - UKRAINE WAR SESSION DETAILS: 03 Mar 2022Session 1: 12pm GMT | Session 2: 8:30am PThttps://info.digitalshadows.com/PhotonIntelBriefing-RussiaUkraine.html